How to remove Department of Justice virus

The Department of Justice MoneyPak ransom is a computer virus, which locks your computer and displays a notification from the United States Department of Justice which states that you have been associated with child pornography sites or other illegal online activity, and demands the payment of a $300 fine in the form of a MoneyPak voucher.

The Department of Justice virus is described as drive-by malware because unlike many viruses, which activate when users open a file or attachment—this one can install itself when users simply click on a compromised website. Once infected, the victim’s computer immediately locks, and the monitor displays a screen stating there has been a violation of United States of America law, thus rendering the computer unusable.
The bogus message goes on to say that the user’s Internet address was identified by the Department of Justice as having been associated with child pornography sites, using unlicensed software, or sharing copyrighted files.
To unlock their machines, users are required to pay a fine of $300 using a MoneyPak card service within 48 hours to gain access to your computer again. Paying the “fine” will not necessarily return your computer to a usable state, so this is not advisable.

If your computer is infected with Department of Justice virus, you’ll see the following lock screen:
The text of the Department of Justice alert is:

The United States Department of JusticeThe work of your computer has been suspended on the grounds of the violation of the law of the United States of America.
Possible violations described below:

Article – 184 Pornography involving children (under 18 years)
Imprisonment for the term of up to 10-15 years
(The use or distribution of pornographic files)

Article – 171 Copyright
Imprisonment for the the term of up to 2-5 years
(The use or sharing of copyrighted files)

Article – 113 The use of unlicensed software
Imprisonment for the term of up to 2 years
(The use of unlicensed software)

Amount of fine is $300. Payment must be made within 48 hours after the computer blocking. If the fine has not been paid, you will become the subject of criminal prosecution without the right to pay the fine. The Department for the Fight against Cyberactivity will confiscate your computer (After 48 hours).

ALL ILLEGAL ACTIVITIES CONDUCTED THROUGH YOUR COMPUTER HAVE BEEN RECORDED IN THE POLICE DATABASE, INCLUDING PHOTOS AND VIDEOS FROM YOUR CAMERA FOR FURTHER IDENTIFICATION. YOU HAVE BEEN REGISTERED FOR VIEWING PORNOGRAPHY INVOLVING MINORS.

AN ATTEMPT TO UNLOCK THE COMPUTER BY YOURSELF WILL LEAD TO THE FULL FORMATTING OF THE OPERATING SYSTEM.
ALL FILES, VIDEOS, PHOTOS, DOCUMENTS ON YOUR COMPUTER WILL BE DELETED.

To unlock your computer and to avoid legal consequences, you are obligated to pay a release fee of $300.

It is important to remember that this is a computer infection and not an actual alert from the Department of Justice. Therefore, ignore anything it displays and instead use the removal guide below to remove the Department of Justice ransomware from your computer.

Department of Justice – Virus Removal Guide

The Department of Justice MoneyPak virus can be removed by using either System Restore from Safe Mode with Command Prompt (Option 1), or if this infection will not allow you to start your computer in Safe Mode, then we can use HitmanPro KickStart (Option 2).

OPTION 1: Remove Department of Justice virus with System Restore

The Department of Justice virus, will prevent you from starting your regular Windows session or boot into Safe Mode with Networking, however this trojan will allow not deliver its payload when booting into Safe Mode with Command Prompt.

Allow Windows time to load the necessary processes, and very soon you’ll see a full screen command prompt window as I showed you before.
If you are using Windows XP, you’ll need to enter %systemroot%\system32\restore\rstrui.exe and press Enter.
However, if your computer is Windows Vista,7 or 8, it’s a little bit easier. Simply type rstrui.exe and press Enter.

System Restore will open and you’ll need to select a restore point prior to when your computer was infected with Department of Justice virus.

STEP 2: Scan your computer for Department of Justice virus

Even after performing a System Restore to a previous date, there might be some left over files from this Department of Justice virus infection. Therefore, we will perform a system scan with Malwarebytes Anti-Malware and HitmanPro, to check for any infections that might be present on your machine.

Run a computer scan with Malwarebytes Anti-Malware to remove Department of Justice virus

To remove the Department of Justice malicious files we will be using Malwarebytes Anti-Malware Free, a powerful on-demand scanner which can detect and remove this infection.

Download the latest official version of Malwarebytes Anti-Malware Free.MALWAREBYTES ANTI-MALWARE DOWNLOAD LINK(This link will open a download page in a new window from where you can download Malwarebytes Anti-Malware Free)

After you have downloaded Malwarebytes Anti-Malware,double click on mbam-setup.exe file to start the installation process and then follow the prompts to install this product. When the program has finished installing, make sure you leave both the Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware check, then click on the Finish button.

On the Scanner tab, select Perform quick scan and then click on the Scanbutton to start scanning your computer for any possible infections.

When the scan is finished a message box will appear, click OK to continue.

You will now be presented with a screen showing you the malware infections that Malwarebytes Anti-Malware has found on your computer.Make sure all the infected objects are Checked (Ticked) for removal and then click on the Remove Selected button to remove them.

Run a computer scan with HitmanPro to remove Department of Justice virus

HitmanPro is a cloud on-demand scanner, that uploads unknown files to the a scan sloud where are analyzed using the anti-virus programs of 5 different vendors (Bitdefender, Emsisoft, G-Data, IKARUS and Dr. Web).

You can download the latest official version of HitmanPro from the below link.HITMANPRO DOWNLOAD LINK(This link will open a download page in a new window from where you can download HitmanPro)

Double click on the HitmanPro.exe file to start the HitmanPro and then follow the prompts to start a system scan with this program.

HitmanPro will start scanning your system for malicious files. Depending on the the size of your hard drive, and the performance of your computer, this step will take anywhere from 5 to 10 minutes.

Once the scan is complete,a screen displaying all the malicious files that the program has found will be shown as seen in the image below.After reviewing each malicious object click Next.

HitmanPro will now start removing the infected objects, and in some instances, may suggest a reboot in order to completely remove the malware from your system. In this scenario, always confirm the reboot action to be on the safe side.

OPTION 2: Remove Department of Justice virus with HitmanPro KickStart

As the Department of Justice Ransomware infection locks you out of your computer, you will need to create a bootable USB drive that contains the HitmanPro.Kickstart program. We will then boot your computer using this bootable USB drive and use it to clean the infection so that you are able to access Windows normally again.
You will also need a USB drive, which will have all of its data erased and will then be formatted. Therefore, only use a USB drive that does not contain any data that you need. This USB drive must also have a size of at least 32 MB.

Download HitmanPro KickStart on a clean computer from the below link.HITMANPRO DOWNLOAD LINK(This link will open a download page in a new window from where you can download HitmanPro KickStart)

Once the USB drive is attached to your computer, double-click on the file named HitmanPro.exe (for 32-bit versions of Windows) or HitmanPro_x64.exe (for 64-bit versions of Windows), then click on the little picture of the person performing a kick.

In the next screen, select the USB drive that you would like to use and then click on the Install Kickstart button.

Now remove the HitmanPro Kickstart USB drive and insert it into the infected computer.

Once it is inserted, turn off the infected computer and then turn it on. As soon as you power it on, look for text on the screen that tells you how to access the boot menu. This text will typically contain a key that they want you to press on your keyboard in order select the device you wish to use to boot your computer. The keys that are commonly associated with enabling the boot menu are F8, F11 or F12.
Once you determine the proper key that you need to press to access the Boot Menu, restart your computer again and start immediately tapping that key. Once the boot menu appears, you can select the device you wish to boot your computer from. Select the USB drive that you have installed HitmanPro.Kickstart on and that is inserted into the infected computer.

When your computer will load from the HitmanPro Kickstart USB, you will be presented with a screen asking you to select the USB boot options you wish to use.
At this screen, please press 1 (Bypass Master Boot Record) on your keyboard and you will see that Windows begins to start normally.

When Windows starts, you should login as normal and you will once again see the Department of Justice screen locker. After about 15-20 seconds, the HitmanPro window will appear on top of the Department of Justice virus, and you’ll need to click on Next button to install this on-demand scanner.

When HitmanPro has completed it’s scan, click on the Next button, then click on Activate free license to remove Department of Justice virus.

The Department of Justice virus should now be gone from your computer. Stay safe!

It’s your turn to help!

All our instructions are completely free of any charge. If you like to support our work with a donation, your charitable contribution supports our team in their mission against malware.

Before you start!

All guides and removal tools on PC Infected are completely FREE and should remove all traces of malware from your computer.
Please be aware that removing malware is a potentially hazardous undertaking.
We strongly advise you, to backup your personal files and folders before starting the malware removal process.

Join me on Google Plus!

Follow me on Google Plus. I will keep you updated with the latest removal guides and tips against threats targeting your browser and operating system. I'm new on Google Plus so add me to your circles.

3 Tips to stay safe online!

TIP #1 : Always keep an eye on what you click and download, including music, movies, files, browser plug-ins or add-ons.

Be wary of pop-up windows that ask you to download software or that offer to fix your computer. Often these pop-ups will claim that your computer has been infected and that their download can fix it – don’t believe them. Close the window and make sure you don’t click inside the pop-up window. Do not open files of unknown types, or if you see unfamiliar browser prompts or warnings asking you to open a file. Sometimes malware may prevent you from leaving a page if you land on it, for example by repeatedly opening a download prompt. If this happens, use your computer’s task manager or activity monitor to close your browser.

TIP #2 : When you do install software, make sure you’re getting the software from a trusted source

Some programs bundle malware as part of their installation process. Before you start a download, there are a few simple steps you can take to help reduce your risk of downloading malware along with the software you want.

Check the reputation of the store – is it an authoritative source, like your phone or browser’s built-in app store, or the developer’s website, as opposed to an unfamiliar third-party download site? You can also check the reputation of the developer by looking at what others have said about them in the past. Check for online review or comments about that particular download. If you see that many people didn’t like it or had a bad experience, you might not want to download it yourself.

If you notice something suspicious after your download – such as significant computer slowness, unexpected pop-ups or messages, or unfamiliar billing charges – uninstall the software immediately and make sure your anti-virus is running and up-to-date.

TIP #3 : Keep your browser and operating system up to date
Most operating systems and software will notify you when it’s time to upgrade – don’t ignore these messages and update as soon as you can. Old versions of software can sometimes have security problems that criminals can use to more easily get to your data. Google’s Chrome browser automatically updates to the latest version every time you start it up, so you can get the most up-to-date security protection without any extra work.

PCINFECTED.COM is an Independent Website. All trademarks mentioned on this page are the property of their respective owners.We can not be held responsible for problems that may occur by using this information.